CyberNews
Apple expected to launch revamped iPad model at May 7th event
Apple will hold an event on May 7 amid reports that it will roll out the long-anticipated revamped versions of iPad Pro and iPad Air next month.
CyberNews
April 8th solar eclipse could strain electric grids, experts warn
The upcoming total solar eclipse on April 8th has sparked rumors of strained electric grids and jammed cellphone towers Is there any truth to the rumors?
CyberNews
Leaked database with 10K Home Depot employees roaming the wild
A database, allegedly containing the data of 10,000 Home Depot employees, has been posted by the malicious actor IntelBroker on the illicit forum BreachForums.
CyberNews
Benetton Group claimed by Hunters International ransomware gang
Global fashion company Benetton Group has allegedly been attacked by the ransomware gang Hunters International.
CyberNews
Apple services restored after brief global outage
Multiple Apple services, including the App Store, Apple TV+, and Apple Music, were down on Wednesday for users in the US, according to the company's status page.
Trend Micro
Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption
Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption.
CyberNews
Facebook may have exploited user devices to spy on competitors, documents show
In 2016, Facebook launched a secret project to acquire, decrypt, transfer, and use private, encrypted in-app analytics from Snapchat, YouTube, and Amazon.
CyberNews
Anti-scam firm exposes OpenAI API key
CertyAI exposed an environment file revealing OpenAI API key and Photoroom API key.
CyberNews
TV company exposes over 100K records
Zapping.com, a Chilean online television company, has leaked the sensitive data of over 100,000 of its customers.
HACKRead
Meta Platforms Face Outage: Facebook, Instagram, Messenger, Threads Down
Users of Meta Platforms including Facebook, Instagram, Messenger, and Threads, are currently experiencing difficulties accessing their accounts.
CyberNews
User got a $104K bill from hosting provider: “I thought it was a joke”
“Netlify just sent me a $104K bill for a simple static site,” they wrote after falling victim to a DDoS attack.
Infosecurity News
Operation Cronos: Who Are the LockBit Admins
Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp
CyberNews
London Stock Exchange Group platforms suffer brief outages
Various London Stock Exchange Group (LSEG) news and currency trading platforms around the world suffered brief outages as European markets opened on Thursday.
Security Affairs
More details about Operation Cronos that disrupted Lockbit operation
Law enforcement provided additional details about the Operation Cronos that led to the disruption of the Lockbit ransomware operation
Infosecurity News
Top UK Universities Recovering Following Targeted DDoS Attack
The attack, which has been claimed by Anonymous Sudan, has been confirmed to have impacted IT services at the universities of Cambridge and Manchester
Infosecurity News
Lockbit Infrastructure Disrupted by Global Law Enforcers
UK’s National Crime Agency has led an international operation to disrupt the Lockbit ransomware group
CSO
LockBit ransomware operations seized by law enforcement in ‘Operation Cronos’
LockBit websites displayed a takeover message by authorities, teasing full operation disclosure.
DataBreaches
Developing: LockBit disrupted by law enforcement
On Monday afternoon, LockBit3.0’s dark web blog was replaced by a 404 message and then a seizure notice: The notice reads: The Site is Now Under Control...
HACKRead
8 LockBit Ransomware Gang Domains Seized in Global Operation
All known dark web domains operated by the notorious LockBit Ransomware Gang are displaying a law enforcement seizure notice.
Security Affairs
Operation Cronos: law enforcement disrupted the LockBit operation
An international law enforcement operation codenamed 'Operation Cronos' led to the disruption of the LockBit ransomware operation.
CyberNews
X lifts ban on Taylor Swift searches since explicit fakes frenzy
X ended the ban on searches for Taylor Swift Monday evening, in place after fake sexually explicit images of Swift proliferated on the platform last week.
CyberNews
Putin's intel agencies lose internet, Ukraine IT Army takes claim
Moscow internet provider Akado is hacked by the volunteer IT Army of Ukraine knocking out wifi access for Putin’s administration, intel, security agencies, and more.
CyberNews
Team Liquid’s wiki leak exposes 118K users
Team Liquid's Liquipedia data leak expose thousands of users.
CyberNews
Attack on defense contractor Ultra I&C leaks military details
Ultra I&C breach confirmed to the Swiss media.
CyberNews
Ukraine says it attacked Russia’s tax service
Ukraine says it crippled Russia's taxation system.
CyberNews
SpaceX postpones planned launch of US military's secretive X-37B spaceplane
The US military's secretive X-37B robot spaceplane 7th mission is postponed Monday evening, the vehicle's first launch atop a SpaceX Falcon Heavy rocket.
CyberNews
Days-long ALPHV outage sparks arrest speculations
ALPHV/BlackCat is speculated to have been infiltrated by law enforcement.
CyberNews
"Systems malfunction" hits China's DiDi ride-hailing app, stranding millions
DiDi Global, the multi-app transportation platform, said its ride-hailing application in China experienced a 'systems malfunction,' leaving millions of riders stranded.
CyberNews
Ardent confirms hospitals disrupted over ransomware attack
Ardent Health Services hospitals deal with disruptions.
CyberNews
Pro-Russian disinfo campaign using Israel-Hamas war to stir chaos
A disinformation campaign, run or backed by Russia, has been using the Israel-Hamas war to try to create tensions elsewhere in the world.
Bleeping Computer
Black Friday 2023: Get 25% off the Zero2Automated malware analysis course
The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can get 25% off sitewide, including gift certificates and courses.
CyberNews
US nuclear lab confirms data breach
Attackers claim to have breached the Idaho National Laboratory, a nuclear facility.
The Record
Crypto firm Kronos Research says $26 million stolen after cyberattack
Cryptocurrency trading and investment firm Kronos Research said $26 million worth of cryptocurrency was stolen from its systems following a cyberattack.
Bleeping Computer
MATA malware framework exploits EDR in attacks on defense firms
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe.
Cyber Security News
Threat Actors Actively Exploiting Cisco IOS XE Zero-day Vulnerability
A new Zero-day vulnerability (CVE-2023-20198) in Cisco IOS XE's Web UI feature that affects devices with exposed HTTP/HTTPS Server functionality.
Bleeping Computer
Exchange Online mail delivery issues caused by anti-spam rules
Microsoft is investigating Exchange Online mail delivery issues causing "Server busy" errors and delays when receiving emails from outside organizations.
Cyber Security News
NSO’s Pegasus Hacked Russia Media Agency CEO's iPhone
The iPhone of Galina Timchenko, the co-founder, CEO, and publisher of the Russian independent media outlet Meduza was found to have NSO Group's Pegasus spyware.
The Hacker News
Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware
Russian journalist Galina Timchenko's iPhone hacked with NSO Group's Pegasus spyware
Ars Technica
Windows feature that resets system clocks based on random data is wreaking havoc
Windows Secure Time Seeding resets clocks months or years off the correct time.
DataBreaches
Big Law, Big Problems: Fox Rothschild LLP Employees Face Serious Allegations of Malpractice and Criminal Activity
The following is a law firm-generated press release about a case they have filed. Keeping in mind that a complaint is allegations that have yet to be proven or...
Bleeping Computer
Ransomware gang hijacks university alert system to issue threats
The Avos ransomware gang hijacked Bluefield University's emergency broadcast system, "RamAlert," to send students and staff SMS texts and email alerts that their data was stolen and would soon be released.
DataBreaches
Ransomware cyberattack continues at Bluefield University
Updated May 3: Avos Locker subsequently added the university to its leak site with a message: “1.2 TB data from a college with cyber insurance policy...
Ars Technica
If your Netgear Orbi router isn’t patched, you’ll want to change that pronto
The threat is serious enough to warrant a manual check ASAP.
The Hacker News
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
More than a dozen security flaws have been disclosed in Akuvox E11, a smart intercom product.
Bleeping Computer
Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired.
The DFIR Report
Collect, Exfiltrate, Sleep, Repeat - The DFIR Report
In this intrusion from August 2022, we observed a compromise that was initiated with a Word document containing a malicious VBA macro, which established persistence and communication to a command … Read More
Naked Security
Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security
It’s a really cool and super-simple trick. The question is, “Will it help?”
Infosecurity News
Malicious PyTorch Package Downloaded Thousands of Times
Developer warns of another open source supply chain attack
Security Affairs
PyTorch compromised to demonstrate dependency confusion attack on Python environments
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, to uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […]
The Hacker News
PyTorch Machine Learning Framework Compromised with Malicious Dependency
PyTorch, a well-known machine learning framework, fell victim to a supply chain attack between Dec. 25 and Dec. 30, 2022
The Hacker News
The Rise of the Rookie Hacker - A New Trend to Reckon With
More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends and 2023 predictions.
Bleeping Computer
Holiday 2022 deal: 20% off Zero2Automated malware analysis training
Zero2Automated, the creators of the popular malware analysis and reverse-engineering course, is having a Christmas special where you can get 20% off all courses on their site, with additional goodies thrown in.
The DFIR Report
Emotet Strikes Again - Lnk File Leads to Domain Wide Ransomware - The DFIR Report
In June of 2022, we observed a threat actor gaining access to an environment via Emotet and operating over a eight day period. During this time period, multiple rounds of … Read More
DataBreaches
Thales investigating — again — LockBit 3.0’s claims as share prices plummet after data leak
On November 3, Thales claimed that they had found no evidence to confirm any claim that LockBit 3.0 had breached their system. Today, LockBit 3.0 dumped some...
Naked Security
How to deal with dates and times without any timezone tantrums…
Heartfelt encouragement to embrace RFC 3339 – find out why!
Naked Security
How to deal with dates and times without any timezone tantrums…
Heartfelt encouragement to embrace RFC 3339 – find out why!
Bleeping Computer
VMware Carbon Black causing BSOD crashes on Windows
Windows servers and workstations at dozens of organizations started to crash earlier today because of an issue caused by certain versions of VMware's Carbon Black endpoint security solution.
Bleeping Computer
Kali Linux 2022.3 adds 5 new tools, updates Linux kernel, more
Offensive Security has released Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support.
Bleeping Computer
Kali Linux 2022.3 adds 5 new tools, updates Linux kernel, and more
Offensive Security has released Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support.
ZDNet
Misinformation needs tackling and it would help if politicians stopped muddying the water | ZDNet
Politicians lie, everyone knows it, but when the concept in question is how democracy works, it's a serious matter.
Infosecurity News
Pro-Russian Hackers Hit Critical Government Websites in Italy
Hacker group Killnet has targeted approximately 50 Italian institutions, including the council of judiciary
The DFIR Report
SEO Poisoning - A Gootloader Story
In early February 2022, we witnessed an intrusion employing Gootloader (aka GootKit) as the initial access vector.The intrusion lasted two days and comprised discovery, persistence, lateral movement, collection, defense evasion, credential access and command and control activity.
SecurityWeek
Internet Outages in French Cities After Cable 'Attacks': Operator
Internet and phone services were down or running slowly in several French cities on Aril 27th after fibre optic cables were cut overnight in suspected attacks on the crucial data infrastructure
ZDNet
Spring4Shell flaw is now being used to spread this botnet malware | ZDNet
Hackers have started to use the Spring4Shell flaw to install Mirai malware on vulnerable systems.
Security Affairs
A Mirai-based botnet is exploiting the Spring4Shell vulnerability
Experts warn of a Mirai-based botnet exploiting the recently discovered Spring4Shell vulnerability in attacks in the wild. Trend Micro Threat Research reported that the recently discovered Spring4Shell vulnerability (CVE-2022-22965) is actively exploited by a Mirai-based botnet. Researchers from Chinese cybersecurity firm Qihoo 360 first reported the exploitation of the Spring4Shell by a Mirai-based botnet in early April. […]
Infosecurity News
Finland Government Sites Forced Offline by DDoS Attacks
Finnish ministries of foreign affairs and defense forced offline earlier today by DDoS attacks
The Hacker News
Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework
Maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw.
ZDNet
We are headed for an ecosystem of cyber haves and cyber nots: Cisco advisory CISO
A combination of resourcing, government initiatives, and innovation will mean some organisations are able to handle cyber threats in real time -- and then there is everyone else.
SecurityWeek
Israel Says Government Sites Targeted by Hack
Israel's National Cyber Directorate said that the country has suffered a cyber attack that briefly took down a number of government websites.
ZDNet
Ukraine calls for corporate support as Oracle suspends Russian operations | ZDNet
Updated: Mykhailo Fedorov requests the severance of business relationships with Russia, and Oracle takes this step.
Bleeping Computer
Canada's major banks go offline in mysterious hours-long outage
Five major Canadian banks went offline for hours blocking access to online and mobile banking as well as e-transfers for customers. The banks hit by the outage include Royal Bank of Canada (RBC), BMO (Bank of Montreal), Scotiabank, TD Bank Canada, and the Canadian Imperial Bank of Commerce (CIBC).
ZDNet
Trellix finds OneDrive malware campaign targeting gov't officials in Western Asia | ZDNet
Researchers with Trellix named the malware involved "Graphite" because it uses Microsoft's Graph API to leverage OneDrive as a command and control server
ThreatPost
‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems
It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks.
Bleeping Computer
Google Chromebooks failing to enroll due to network issue
Since Thursday evening, Google has been investigating reports of customers having issues enrolling their Chromebooks with a network error.
Bleeping Computer
DarkSide ransomware rushes to cash out $7 million in Bitcoin
Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster.
Bleeping Computer
Hackers exploiting critical VMware vCenter CVE-2021-22005 bug
Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it.
The DFIR Report
Trickbot Leads Up to Fake 1Password Installation
In this intrusion, we will take a look at a Trickbot infection, where soon after gaining access, the threat actor started to enumerate the target network and dump credential information. A setup file, which attempted to masquerade as a legitimate software installer, was deployed on several systems to fetch additional Cobalt Strike beacons.
DataBreaches
Geneva, Ohio discloses ransomware attack
Warren Dillaway reports that that the city is investigating a breach. In a statement the city issued, they wrote: “Early Friday morning, July 16, 2021, the...
The DFIR Report
IcedID and Cobalt Strike vs Antivirus
In June, we saw another threat actor utilize IcedID to download Cobalt Strike (CS), which was used to pivot to other systems in the environment. Similar to the Sodinokibi case, anti-virus (AV) slowed down the attackers. AV frustrated them to the point where they temporarily left the environment.